Employee outsources own job to read Reddit, earns a fortune

If businesses can save time and money by outsourcing jobs and services, why can't employees do the same?

Perhaps this was the mindset of "Bob," a developer based at a U.S. critical infrastructure company who was part of a case study released by Verizon. Bob, one of the top developers at the firm, was part of a security audit that exposed what the employee was actually doing -- outsourcing his job to a Chinese developer.

The situation came to light when the company's telecommunications supplier was called in after a basic virtual private network (VPN) was constructed to cater for staff to be able to work from home. The VPN logs showed that the corporate network was continually being accessed from Shenyang in China, which suggested that something dodgy was going on.

By using Bob's credentials, the Chinese programmer was able to login and access the company's main server. Recorded invoices showed that Bob had outsourced his work to a software consultancy firm in the Asian country, giving them his credentials and paying them only a fifth of his six-figure salary while he enjoyed his free time.

"The company's IT personnel were sure that the issue had to do with some kind of zero day malware that was able to initiate VPN connections from Bob's desktop workstation via external proxy and then route that VPN traffic to China, only to be routed back to their concentrator," said Verizon. "Yes, it is a bit of a convoluted theory, and like most convoluted theories, an incorrect one."

So what did Bob do with all of his spare time? He surfed, chatted, and procrastinated, as his browser history shows:

After further investigation into the programmer's activities, Verizon found that Bob had pulled the same stunt on other companies, resulting in his middle-man job earning him a fortune in profit. Sadly for Bob, his company may be allowed to outsource work, but employees may not.